SD-WAN, security, and SASE
As SD-WAN technology continues to mature with such advanced features, it will also play a pivotal role in enterprise organizations’ secure access service edge (SASE) strategies going forward, according to Butler. Integration of security features within SD-WAN platforms will also be a major focus this year as organizations work to enhance network protections.
“The newest innovations in integrated SD-WAN security capabilities include data loss prevention (DLP) capabilities targeted at GenAI workloads; in these use cases, the DLP system can ensure no sensitive company data exfiltrates over the SD-WAN to an AI’s large language model (LLM),” Butler explains.
IDC projects that many organizations will continue to leverage SD-WAN as a base for implementing SASE, utilizing its network optimization capabilities to deliver secure connectivity to cloud applications and services. While the SD-WAN and SASE markets continue to converge, Butler says enterprises should evaluate the natively integrated security capabilities offered by SD-WAN vendors, which include intrusion detection and prevention systems (IDS/IPS), next-generation firewall (NGFW), and content/web/URL filtering.
Depending on the SD-WAN provider, enterprises might need to explore secure services edge (SSE) as well as SASE in combination with their SD-WAN investment. Enterprises must also examine the continued maturation of SASE architectures, which combine SD-WAN with cloud-based security tools, such as secure web gateway (SWG), cloud access security broker (CASB), and zero trust network access (ZTNA).
IDC survey data shows a strong preference among SD-WAN users or prospective users for single-vendor SASE architectures. In a May 2024 survey of 768 respondents, IDC found that 73% of respondents who are using or planning to use a SASE architecture prefer to use the same vendor for SD-WAN and security solutions.
“SD-WAN customers can work with their existing SD-WAN vendor to deploy a SASE architecture or use a multi-vendor approach,” Butler says. “Customers should evaluate their specific needs when it comes to single or multi-vendor SASE, taking into consideration existing deployments/relationships, use cases, and specific features/functionality that are important to them.”
